From owner-svn-doc-all@FreeBSD.ORG Mon Oct 21 22:51:20 2013 Return-Path: Delivered-To: svn-doc-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 196F3C97; Mon, 21 Oct 2013 22:51:20 +0000 (UTC) (envelope-from dru@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 05C6B2CEB; Mon, 21 Oct 2013 22:51:20 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id r9LMpJR9013240; Mon, 21 Oct 2013 22:51:19 GMT (envelope-from dru@svn.freebsd.org) Received: (from dru@localhost) by svn.freebsd.org (8.14.7/8.14.5/Submit) id r9LMpJ5I013239; Mon, 21 Oct 2013 22:51:19 GMT (envelope-from dru@svn.freebsd.org) Message-Id: <201310212251.r9LMpJ5I013239@svn.freebsd.org> From: Dru Lavigne Date: Mon, 21 Oct 2013 22:51:19 +0000 (UTC) To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r43018 - head/en_US.ISO8859-1/books/handbook/network-servers X-SVN-Group: doc-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-doc-all@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "SVN commit messages for the entire doc trees \(except for " user" , " projects" , and " translations" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Oct 2013 22:51:20 -0000 Author: dru Date: Mon Oct 21 22:51:19 2013 New Revision: 43018 URL: http://svnweb.freebsd.org/changeset/doc/43018 Log: White space fix only. Translators can ignore. Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Mon Oct 21 22:20:54 2013 (r43017) +++ head/en_US.ISO8859-1/books/handbook/network-servers/chapter.xml Mon Oct 21 22:51:19 2013 (r43018) @@ -3006,134 +3006,136 @@ dhcpd_ifaces="dc0" --> Domain Name System (<acronym>DNS</acronym>) - BIND + BIND - Domain Name System (DNS) is the protocol through which domain names are - mapped to IP addresses, and vice versa. By default, &os; installs the Berkeley - Internet Name Domain (BIND), which is the most common implementation - of the DNS protocol. The &os; version provides enhanced security features, a new file - system layout, and automated &man.chroot.8; - configuration. BIND is maintained by the - isc.org. - It is not necessary to run a name - server to perform DNS lookups on a - system. - - DNS - DNS is coordinated across the Internet - through a somewhat complex system of authoritative root, Top - Level Domain (TLD), and other smaller-scale - name servers, which host and cache individual domain - information. Table 28.4 describes some of the terms associated with DNS: - - resolver - reverse - DNS - root zone + Domain Name System (DNS) is the protocol + through which domain names are mapped to IP + addresses, and vice versa. By default, &os; installs the + Berkeley Internet Name Domain (BIND), which + is the most common implementation of the DNS + protocol. The &os; version provides enhanced security features, + a new file system layout, and automated &man.chroot.8; + configuration. BIND is maintained by the isc.org. It is not + necessary to run a name server to perform DNS + lookups on a system. + + DNS + DNS is coordinated across the Internet + through a somewhat complex system of authoritative root, Top + Level Domain (TLD), and other smaller-scale + name servers, which host and cache individual domain + information. Table 28.4 describes some of the terms associated + with DNS: + + resolver + reverse + DNS + root zone + + + <acronym>DNS</acronym> Terminology + + + + + + + + Term + Definition + + + + + + Forward DNS + Mapping of hostnames to IP + addresses. + + + + Origin + Refers to the domain covered in a particular zone + file. + + + + named, BIND + Common names for the BIND name server package + within &os;. + + + + Resolver + A system process through which a machine queries + a name server for zone information. + + + + Reverse DNS + Mapping of IP addresses to + hostnames. + + + + Root zone + + The beginning of the Internet zone hierarchy. All + zones fall under the root zone, similar to how all files + in a file system fall under the root directory. + + + + Zone + An individual domain, subdomain, or portion of the + DNS administered by the same + authority. + + + +
- - <acronym>DNS</acronym> Terminology - - - - - - - Term - Definition - - - - - - Forward DNS - Mapping of hostnames to IP - addresses. - - - - Origin - Refers to the domain covered in a particular zone - file. - - - - named, BIND - Common names for the BIND name server package - within &os;. - - - - Resolver - A system process through which a machine queries - a name server for zone information. - - - - Reverse DNS - Mapping of IP addresses to - hostnames. - - - - Root zone - - The beginning of the Internet zone hierarchy. - All zones fall under the root zone, similar to how - all files in a file system fall under the root - directory. - - - - Zone - An individual domain, subdomain, or portion of - the DNS administered by the same - authority. - - - -
- - - zones - examples - - - Examples of zones: - - - - . is how the root zone is usually - referred to in documentation. - - - - org. is a Top Level Domain - (TLD) under the root zone. - + + zones + examples + - - example.org. is a - zone under the org. - TLD. - + Examples of zones: - - 1.168.192.in-addr.arpa is a zone - referencing all IP addresses which fall - under the 192.168.1.* - IP address space. - - - - As one can see, the more specific part of a hostname - appears to its left. For example, - example.org. is more - specific than org., as org. - is more specific than the root zone. The layout of each part - of a hostname is much like a file system: the - /dev directory falls - within the root, and so on. + + + . is how the root zone is usually + referred to in documentation. + + + + org. is a Top Level Domain + (TLD) under the root zone. + + + + example.org. is a + zone under the org. + TLD. + + + + 1.168.192.in-addr.arpa is a zone + referencing all IP addresses which fall + under the 192.168.1.* + IP address space. + + + + As one can see, the more specific part of a hostname + appears to its left. For example, example.org. is more specific than + org., as org. is more specific + than the root zone. The layout of each part of a hostname is + much like a file system: the /dev directory falls within the + root, and so on. Reasons to Run a Name Server @@ -4405,18 +4407,19 @@ $include Kexample.com.+005+nnnnn.ZSK.key setting up Apache - The open source - Apache HTTP Server is the most widely - used web server. &os; does not install this web server by default, - but it can be installed from the - www/apache24 package or port. - - This section summarizes how to configure and start version 2.x of the - Apache HTTP Server, the - most widely used version, on &os;. For more detailed - information about - Apache 2.X and its configuration directives, refer to - httpd.apache.org. + The open source Apache HTTP Server + is the most widely used web server. &os; does + not install this web server by default, but it can be installed + from the www/apache24 package or port. + + This section summarizes how to configure and start version + 2.x of the Apache HTTP + Server, the most widely used version, on &os;. + For more detailed information about + Apache 2.X and its configuration + directives, refer to httpd.apache.org. Configuring and Starting Apache @@ -4424,20 +4427,20 @@ $include Kexample.com.+005+nnnnn.ZSK.key Apache configuration file - In &os;, the main Apache HTTP Server - configuration file is installed as + In &os;, the main Apache HTTP + Server configuration file is installed as /usr/local/etc/apache2x/httpd.conf. - This ASCII text file begins - comment lines with the #. The - most frequently modified directives are: + This ASCII text file begins comment lines with the + #. The most frequently modified directives + are: ServerRoot "/usr/local" - Specifies the default directory hierarchy for - the Apache installation. + Specifies the default directory hierarchy for the + Apache installation. Binaries are stored in the bin and sbin @@ -4451,7 +4454,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key ServerAdmin you@your.address - The email address to receive problems with the server. This address also appears on some + The email address to receive problems with the + server. This address also appears on some server-generated pages, such as error documents. @@ -4463,8 +4467,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key Allows an administrator to set a host name which is sent back to clients for the server. For example, - www can be used instead of the actual host - name. + www can be used instead of the actual + host name. @@ -4487,8 +4491,8 @@ $include Kexample.com.+005+nnnnn.ZSK.key making changes. When the configuration of Apache, is complete, save the file and verify the configuration using apachectl(8). - Running apachectl configtest - should return Syntax OK. + Running apachectl configtest should return + Syntax OK. Apache starting or stopping @@ -4507,16 +4511,17 @@ $include Kexample.com.+005+nnnnn.ZSK.key If Apache should be started with non-default options, the following line may be added to - /etc/rc.conf to specify the needed flags: + /etc/rc.conf to specify the needed + flags: apache24_flags="" The Apache configuration can be - tested for errors after making subsequent - configuration changes while httpd is - running. This can be done by the &man.rc.8; script directly, - or by the &man.service.8; utility by issuing one of the - following commands: + tested for errors after making subsequent configuration + changes while httpd is running. This can + be done by the &man.rc.8; script directly, or by the + &man.service.8; utility by issuing one of the following + commands: &prompt.root; service apache24 configtest @@ -4873,66 +4878,72 @@ DocumentRoot /www/someotherdomain.tld --> File Transfer Protocol (<acronym>FTP</acronym>) - FTP servers + FTP + servers - The File Transfer Protocol (FTP) provides users with a - simple way to transfer files to and from an - FTP server. - &os; includes FTP server - software, ftpd, in the base system. - - &os; provides several configuration files for controlling access - to the FTP server. This section summarizes - these files. Refer to &man.ftpd.8; for more details about the - built-in FTP server. + The File Transfer Protocol (FTP) provides + users with a simple way to transfer files to and from an + FTP server. &os; includes + FTP server software, + ftpd, in the base system. + + &os; provides several configuration files for controlling + access to the FTP server. This section + summarizes these files. Refer to &man.ftpd.8; for more details + about the built-in FTP server. - - Configuration + + Configuration The most important configuration step is deciding which - accounts will be allowed access to the FTP server. A - &os; system has a number of system accounts which - should not be allowed FTP access. - The list of users disallowed any FTP access - can be found in /etc/ftpusers. - By - default, it includes system accounts. Additional - users that should not be + accounts will be allowed access to the FTP + server. A &os; system has a number of system accounts which + should not be allowed FTP access. The list + of users disallowed any FTP access can be + found in /etc/ftpusers. By default, it + includes system accounts. Additional users that should not be allowed access to FTP can be added. In some cases it may be desirable to restrict the access of some users without preventing them completely from using FTP. This can be accomplished be creating - /etc/ftpchroot as described in &man.ftpchroot.5;. This file lists - users and groups subject to FTP access restrictions. + /etc/ftpchroot as described in + &man.ftpchroot.5;. This file lists users and groups subject + to FTP access restrictions. FTP anonymous - To enable anonymous FTP access to the server, create a - user named ftp on the &os; system. Users - will then be able to log on to the FTP server with a username - of ftp or anonymous. When prompted for the password, - any input will be accepted, but by convention, an email address - should be used as the password. The FTP server will - call &man.chroot.2; when an anonymous user logs in, to - restrict access to only the home directory of the + To enable anonymous FTP access to the + server, create a user named ftp on the + &os; system. Users will then be able to log on to the + FTP server with a username of + ftp or anonymous. + When prompted for the password, any input will be accepted, + but by convention, an email address should be used as the + password. The FTP server will call + &man.chroot.2; when an anonymous user logs in, to restrict + access to only the home directory of the ftp user. - There are two text files that can be created to specify welcome messages to - be displayed to FTP clients. The contents of + There are two text files that can be created to specify + welcome messages to be displayed to FTP + clients. The contents of /etc/ftpwelcome will be displayed to users before they reach the login prompt. After a successful login, the contents of /etc/ftpmotd will be displayed. Note that the path to this file is relative to the login - environment, so the contents of ~ftp/etc/ftpmotd - would be displayed for anonymous users. - - Once the FTP server has been configured, set the appropriate variable in - /etc/rc.conf to start the service during boot: + environment, so the contents of + ~ftp/etc/ftpmotd would be displayed for + anonymous users. + + Once the FTP server has been + configured, set the appropriate variable in + /etc/rc.conf to start the service during + boot: ftpd_enable="YES" @@ -4940,7 +4951,8 @@ DocumentRoot /www/someotherdomain.tld &prompt.root; service ftpd start - Test the connection to the FTP server by typing: + Test the connection to the FTP server + by typing: &prompt.user; ftp localhost @@ -4950,9 +4962,10 @@ DocumentRoot /www/someotherdomain.tld The ftpd daemon uses &man.syslog.3; to log messages. By default, the system log - daemon will write messages related to FTP in - /var/log/xferlog. The location of - the FTP log can be modified by changing the following line in + daemon will write messages related to FTP + in /var/log/xferlog. The location of + the FTP log can be modified by changing the + following line in /etc/syslog.conf: ftp.info /var/log/xferlog @@ -4963,14 +4976,15 @@ DocumentRoot /www/someotherdomain.tld - Be aware of the potential problems involved with running - an anonymous FTP server. In particular, think twice about - allowing anonymous users to upload files. It may turn out - that the FTP site becomes a forum for the trade of unlicensed - commercial software or worse. If anonymous FTP uploads are - required, then verify the permissions so that these files can - not be read by other anonymous users until they have been - reviewed by an administrator. + Be aware of the potential problems involved with running + an anonymous FTP server. In particular, + think twice about allowing anonymous users to upload files. + It may turn out that the FTP site becomes + a forum for the trade of unlicensed commercial software or + worse. If anonymous FTP uploads are + required, then verify the permissions so that these files + can not be read by other anonymous users until they have + been reviewed by an administrator.